package top.jandmla.excel.config.shiro;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import top.jandmla.excel.service.MenusService;

@Configuration
public class ShiroConfig {

    @Autowired
    private MenusService menusService;

    @Bean(name = "shiroFilterBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager ){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();

        //添加shior的内置过滤器
        /**
         * anon:无需认证就可以访问
         * authc:必须认证才能访问
         * user：必须拥有  记住我  功能才能使用
         * perms：拥有对某个资源的权限才能访问
         * role：拥有某个角色权限才能访问
         */

        bean.setLoginUrl("/common/toLogin");
        bean.setSuccessUrl("/common/success");
        bean.setUnauthorizedUrl("/common/error403");

        bean.setFilterChainDefinitionMap(menusService.loadFilterChainDefinitions());
        //设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        return bean;
    }

    @Bean(name = "securityManager")
    public DefaultWebSecurityManager securityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRememberMeManager(null);
        securityManager.setCacheManager(null);
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    //创建Realm对象
    @Bean(name = "userRealm")
    public UserRealm userRealm(){
        return new UserRealm();
    }

}
